tfctl 0.0.2 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e1075714676ca848752725f2d98c38240e5a9ee2bc901b582ffba6edd46fc0f
-  data.tar.gz: b48bc64d5a9aaae352538ed88b648b20e2b2c68c59bd0c1b3b5c8757e3c421b9
+  metadata.gz: cac739f38f0484a3f0a8373224183f0705c79372962c58711f82719978d86fbe
+  data.tar.gz: 8ed33267e070125bb03e1591075642163c367f8d5ab1d4ee4040c2afc97a11d8
 SHA512:
-  metadata.gz: b87ecf1c66f1528bf98134d631aef3c8264326bbd0e399eb769860ad853d24ebc59339ba6df16be41b6d728c4fd63df035a210a1ca9d09fd17960de2b4d66fa1
-  data.tar.gz: 657f44ce06c1ac667525a80009f73e88fbf9754f32f5703faad8fbfe1b6355fd6796690c8b0583af549fef8d75de318d1dc98f56aa80644b78ff2a068e30bfa7
+  metadata.gz: 675c2b7e868b2850749a7ca53b34ee594f84a8b30a62f3098ede1221394879d7595ecede9b76eb3da960728600092f1385ac35d122e5d2aaf17e699f903d019a
+  data.tar.gz: caf57a862a8e5ecc2e3ff64102389f1822527f4975a708407b75a23a2378d8a087fe1a6ead434f4835fc3e5681c35c145d5d5b6dfb446409ffc909940a34c2e7

data/.rubocop.yml

@@ -0,0 +1,79 @@
+---
+AllCops:
+  TargetRubyVersion: 2.3
+  DisplayCopNames: true
+
+Layout/IndentationWidth:
+  Width: 4
+
+Layout/IndentHeredoc:
+  Enabled: false
+
+Layout/EmptyLines:
+  Enabled: false
+
+Layout/EmptyLinesAroundMethodBody:
+  Enabled: false
+
+Layout/AlignHash:
+  EnforcedHashRocketStyle:
+    - table
+  EnforcedColonStyle:
+    - table
+
+Layout/SpaceAroundOperators:
+  Enabled: false
+
+Layout/ExtraSpacing:
+  Enabled: false
+
+Layout/EmptyLinesAroundBlockBody:
+  Enabled: false
+
+Layout/EmptyLinesAroundClassBody:
+  Enabled: false
+
+Metrics/CyclomaticComplexity:
+  Enabled: false
+
+Metrics/PerceivedComplexity:
+  Enabled: false
+
+Metrics/BlockLength:
+  Enabled: false
+
+Metrics/MethodLength:
+  Enabled: false
+
+Metrics/LineLength:
+  Max: 140
+
+Metrics/AbcSize:
+  Enabled: false
+
+Metrics/ParameterLists:
+  Enabled: false
+
+Metrics/ClassLength:
+  Enabled: false
+
+Style/IfUnlessModifier:
+  Enabled: false
+
+Style/AndOr:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/TrailingCommaInArguments:
+    EnforcedStyleForMultiline: comma
+
+Style/TrailingCommaInArrayLiteral:
+    EnforcedStyleForMultiline: comma
+
+Style/TrailingCommaInHashLiteral:
+    EnforcedStyleForMultiline: comma
+
+Style/RedundantReturn:
+  Enabled: false

data/CHANGELOG.adoc

@@ -1,5 +1,9 @@
 = Changelog
 
+== 0.1.0
+
+* FEATURE: Added `-l` switch to list discovered accounts.
+
 == 0.0.2
 
 * BUGFIX: Fixed an exception when `exclude_accounts` is not set.

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gemspec

data/Makefile

@@ -1,10 +1,16 @@
-.PHONY: clean install test
+.PHONY: clean install test rubocop spec
 
 vendor:
 	$(info => Installing Ruby dependencies)
 	@bundle install --path vendor --with developement --binstubs=vendor/bin
 
-test: vendor
+test: vendor rubocop spec
+
+rubocop:
+	$(info => Running rubocop)
+	@vendor/bin/rubocop
+
+spec:
 	$(info => Running spec tests)
 	@vendor/bin/rspec
 

data/README.adoc

@@ -2,6 +2,9 @@
 
 = tfctl
 
+image:https://travis-ci.org/scalefactory/tfctl.svg?branch=master["Build Status", link="https://travis-ci.org/scalefactory/tfctl"]
+image:https://badge.fury.io/rb/tfctl.svg["Gem Version", link="https://badge.fury.io/rb/tfctl"]
+
 == Overview
 
 Tfctl is a small Terraform wrapper for working with multi-account AWS
@@ -39,18 +42,16 @@ other ways of managing accounts in AWS Organizations.
 
 == Installation
 
-Clone this repository and run:
+To install the latest release from RubyGems run:
 
 ----
-make install
+gem install tfctl
 ----
 
-This will build a ruby gem and install it.
-
-When using bundler, add this to your `Gemfile`:
+Alternatively you can build and install from this repo with:
 
 ----
-gem 'tfctl', git: 'https://github.com/scalefactory/tfctl'
+make install
 ----
 
 == Docs
@@ -97,7 +98,16 @@ Show merged configuration:
 tfctl -c conf/example.yaml -s
 ----
 
-Run Terraform init accross all accounts:
+List all discovered accounts:
+
+----
+tfctl -c conf/example.yaml --all -l
+----
+
+TIP: This can be narrowed down using targeting options and is a good way to
+test what accounts match.
+
+Run Terraform init across all accounts:
 
 ----
 tfctl -c conf/example.yaml --all -- init

data/bin/tfctl

@@ -7,6 +7,8 @@ end
 require 'optparse'
 require 'fileutils'
 require 'parallel'
+require 'English'
+require 'terminal-table'
 require_relative '../lib/tfctl'
 
 PROJECT_ROOT = Dir.pwd
@@ -15,43 +17,46 @@ PROJECT_ROOT = Dir.pwd
 # Process CLI arguments
 #
 
-options={
-    :account     => nil,
-    :ou          => nil,
-    :all         => nil,
-    :show_config => false,
-    :config_file => nil,
-    :unbuffered  => false,
-    :debug       => false,
-    :use_cache   => false
+options = {
+    account:     nil,
+    ou:          nil,
+    all:         nil,
+    show_config: false,
+    config_file: nil,
+    unbuffered:  false,
+    debug:       false,
+    use_cache:   false,
 }
 
 optparse = OptionParser.new do |opts|
-    opts.on('-a', '--account=name', "Target a specific AWS account") do |o|
+    opts.on('-a', '--account=name', 'Target a specific AWS account') do |o|
         options[:account] = o
     end
-    opts.on('-o', '--ou=organization_unit', "Target accounts in an Organization Unit (uses regex matching)") do |o|
+    opts.on('-o', '--ou=organization_unit', 'Target accounts in an Organization Unit (uses regex matching)') do |o|
         options[:ou] = o
     end
-    opts.on('--all', "Target all accounts") do
+    opts.on('--all', 'Target all accounts') do
         options[:all] = true
     end
-    opts.on('-c', '--config-file=config', "Path to config file") do |o|
+    opts.on('-c', '--config-file=config', 'Path to config file') do |o|
         options[:config_file] = o
     end
-    opts.on('-s', '--show-config', "Display configuration") do
+    opts.on('-s', '--show-config', 'Display configuration') do
         options[:show_config] = true
     end
-    opts.on('-x', '--use-cache', "Use cached AWS organization data") do
+    opts.on('-l', '--list-accounts', 'List discovered accounts') do
+        options[:list_accounts] = true
+    end
+    opts.on('-x', '--use-cache', 'Use cached AWS organization data') do
         options[:use_cache] = true
     end
-    opts.on('-u', '--unbuffered', "Disable buffering of Terraform output") do
+    opts.on('-u', '--unbuffered', 'Disable buffering of Terraform output') do
         options[:unbuffered] = true
     end
-    opts.on('-d', '--debug', "Turn on debug messages") do
+    opts.on('-d', '--debug', 'Turn on debug messages') do
         options[:debug] = true
     end
-    opts.on('-v', '--version', "Show version") do
+    opts.on('-v', '--version', 'Show version') do
         puts Tfctl::VERSION
         exit
     end
@@ -67,34 +72,33 @@ begin
         raise OptionParser::MissingArgument, '--config-file'
     end
 
-    unless File.exists? options[:config_file]
+    unless File.exist? options[:config_file]
         raise OptionParser::InvalidOption,
-          "Config file not found in: #{options[:config_file]}"
+              "Config file not found in: #{options[:config_file]}"
     end
 
-    unless File.exists? options[:config_file]
-      raise OptionParser::InvalidOption, "Config file #{options[:config_file]} not found."
+    unless File.exist? options[:config_file]
+        raise OptionParser::InvalidOption, "Config file #{options[:config_file]} not found."
     end
 
     # Validate targets
-    targetting_opts = [:account, :ou, :all]
+    targetting_opts = %i[account ou all]
     targets_set = []
-    options.each do |k,v|
+    options.each do |k, v|
         if targetting_opts.include?(k)
-            targets_set << k.to_s unless v == nil
+            targets_set << k.to_s unless v.nil?
         end
     end
     if targets_set.length > 1
         raise OptionParser::InvalidOption,
-            "Too many target options set: #{targets_set.join(', ')}.  Only one can be specified."
+              "Too many target options set: #{targets_set.join(', ')}.  Only one can be specified."
     end
     if targets_set.empty? and options[:show_config] == false
-        raise OptionParser::InvalidOption, "Please specify target"
+        raise OptionParser::InvalidOption, 'Please specify target'
     end
-
 rescue OptionParser::InvalidOption, OptionParser::MissingArgument
-    $stderr.puts $!.to_s
-    $stderr.puts optparse
+    warn $ERROR_INFO.to_s
+    warn optparse
     exit 2
 end
 
@@ -114,12 +118,11 @@ def run_account(config, account, options, tf_argv, log)
     # executed from.
     log.info "#{account[:name]}: Generating Terraform run directory"
     Tfctl::Generator.make(
-        config:            config,
-        terraform_io_org:  config[:terraform_io_org],
-        account_id:        account[:id],
-        account_name:      account[:name],
-        profiles:          account[:profiles],
-        execution_role:    account[:tf_execution_role]
+        config:         config,
+        account_id:     account[:id],
+        account_name:   account[:name],
+        profiles:       account[:profiles],
+        execution_role: account[:tf_execution_role],
     )
 
     log.info "#{account[:name]}: Executing Terraform #{tf_argv[0]}"
@@ -128,7 +131,7 @@ def run_account(config, account, options, tf_argv, log)
         config_name:  config[:config_name],
         unbuffered:   options[:unbuffered],
         log:          log,
-        argv:         tf_argv
+        argv:         tf_argv,
     )
 end
 
@@ -138,9 +141,8 @@ end
 #
 
 begin
-
     # Set up logging
-    options[:debug] ? log_level = Logger::DEBUG : log_level = Logger::INFO
+    log_level = options[:debug] ? Logger::DEBUG : Logger::INFO
     log = Tfctl::Logger.new(log_level)
 
     log.info 'tfctl running'
@@ -150,7 +152,7 @@ begin
 
     log.info 'Working out AWS account topology'
 
-    yaml_config = YAML.load(File.read(options[:config_file]))
+    yaml_config = YAML.safe_load(File.read(options[:config_file]))
     yaml_config.symbolize_names!
 
     org_units = yaml_config[:organization_units].keys
@@ -159,39 +161,57 @@ begin
     log.info 'Merging configuration'
 
     config = Tfctl::Config.new(
-                config_name:    config_name,
-                yaml_config:    yaml_config,
-                aws_org_config: aws_org_accounts,
-                use_cache:      options[:use_cache])
-
+        config_name:    config_name,
+        yaml_config:    yaml_config,
+        aws_org_config: aws_org_accounts,
+        use_cache:      options[:use_cache],
+    )
 
     if options[:show_config]
         puts config.to_yaml
         exit 0
     end
 
-    # Run targets
+    # Find target accounts
 
     if options[:account]
-        account = config.find_accounts(:name, options[:account]).first
-        run_account(config, account, options, ARGV, log)
-
+        accounts = config.find_accounts(:name, options[:account])
     elsif options[:ou]
         accounts = config.find_accounts_regex(:ou_path, options[:ou])
-        Parallel.each(accounts, in_processes: 8) do |ac|
-            run_account(config, ac, options, ARGV, log)
-        end
-
     elsif options[:all]
         accounts = config[:accounts]
-        Parallel.each(accounts, in_processes: 8) do |ac|
-            run_account(config, ac, options, ARGV, log)
+    else
+        raise Tfctl::Error, 'Missing target'
+    end
+
+    # List target accounts
+
+    if options[:list_accounts]
+        log.info "Listing accounts\n"
+        table = Terminal::Table.new do |t|
+            t.style = {
+                border_x:     '',
+                border_y:     '',
+                border_i:     '',
+                padding_left: 0,
+            }
+            t << %w[ACCOUNT_ID OU NAME]
+            accounts.each do |account|
+                t << [account[:id], account[:ou_path], account[:name]]
+            end
         end
+
+        puts table
+        exit 0
     end
 
+    # Execute Terraform in target accounts
 
-    log.info 'Done'
+    Parallel.each(accounts, in_processes: 8) do |ac|
+        run_account(config, ac, options, ARGV, log)
+    end
 
+    log.info 'Done'
 rescue Tfctl::Error => e
     log.error(e)
     exit 1

data/examples/control_tower/conf/example.yaml

@@ -50,7 +50,7 @@ organization_root:
 # Configuration to apply to accounts in Organization Units
 # Units not listed here will be ignored
 organization_units:
-  # Uncomment if you want to include accounts under the Core OU
+  # Uncomment if you want to include Core OU accounts
   # Core: {}
   live: {}
   test: {}

data/lib/hash.rb

@@ -2,25 +2,31 @@
 
 # Add a deep_merge method to a Hash.
 # It unions arrays (for terraform profiles behaviour)
-class ::Hash
+class Hash
     def deep_merge(second)
-        merger = proc { |key, v1, v2|
-          Hash === v1 && Hash === v2 ? v1.merge(v2, &merger) :
-          Array === v1 && Array === v2 ? v1 | v2 :
-          [:undefined, nil, :nil].include?(v2) ? v1 : v2
+        merger = proc { |_key, v1, v2|
+            if v1.is_a?(Hash) && v2.is_a?(Hash)
+                v1.merge(v2, &merger)
+            elsif v1.is_a?(Array) && v2.is_a?(Array)
+                v1 | v2
+            elsif [:undefined, nil, :nil].include?(v2)
+                v1
+            else
+                v2
+            end
         }
-        self.merge(second.to_h, &merger)
+        merge(second.to_h, &merger)
     end
 
     # Copied from ruby 2.6 Psych for 2.3 compatibility.
-    def symbolize_names!(result=self)
+    def symbolize_names!(result = self)
         case result
         when Hash
-          result.keys.each do |key|
-            result[key.to_sym] = symbolize_names!(result.delete(key))
-          end
+            result.keys.each do |key|
+                result[key.to_sym] = symbolize_names!(result.delete(key))
+            end
         when Array
-          result.map! { |r| symbolize_names!(r) }
+            result.map! { |r| symbolize_names!(r) }
         end
         result
     end

data/lib/tfctl/aws_org.rb

@@ -8,39 +8,35 @@ module Tfctl
 
         def initialize(role_arn)
             @aws_org_client = Aws::Organizations::Client.new(
-              region:      'us-east-1',
-              # Assume role in primary account to read AWS organization API
-              credentials: aws_assume_role(role_arn)
+                region:      'us-east-1',
+                # Assume role in primary account to read AWS organization API
+                credentials: aws_assume_role(role_arn),
             )
         end
 
         # Gets account data for specified OUs from AWS Organizations API
         def accounts(org_units)
-            output = { :accounts => [] }
+            output = { accounts: [] }
 
             aws_ou_ids = aws_ou_list
 
             org_units.each do |ou_path|
-
-                if aws_ou_ids.has_key?(ou_path)
-                    parent_id = aws_ou_ids[ou_path]
-                else
-                    raise Tfctl::Error.new "Error: OU: #{ou_path}, does not exists in AWS organization"
-                end
-
-                @aws_org_client.list_accounts_for_parent({ parent_id: parent_id }).accounts.each do |account|
-                    if account.status == 'ACTIVE'
-
-                        output[:accounts] << {
-                            :name       => account.name,
-                            :id         => account.id,
-                            :arn        => account.arn,
-                            :email      => account.email,
-                            :ou_path    => ou_path.to_s,
-                            :ou_parents => ou_path.to_s.split('/'),
-                            :profiles   => [],
-                        }
-                    end
+                raise Tfctl::Error, "Error: OU: #{ou_path}, does not exists in AWS organization" unless aws_ou_ids.key?(ou_path)
+
+                parent_id = aws_ou_ids[ou_path]
+
+                @aws_org_client.list_accounts_for_parent(parent_id: parent_id).accounts.each do |account|
+                    next unless account.status == 'ACTIVE'
+
+                    output[:accounts] << {
+                        name:       account.name,
+                        id:         account.id,
+                        arn:        account.arn,
+                        email:      account.email,
+                        ou_path:    ou_path.to_s,
+                        ou_parents: ou_path.to_s.split('/'),
+                        profiles:   [],
+                    }
                 end
             end
             output
@@ -49,7 +45,7 @@ module Tfctl
         private
 
         # Get a mapping of ou_name => ou_id from AWS organizations
-        def aws_ou_list()
+        def aws_ou_list
             output = {}
             root_ou_id = @aws_org_client.list_roots.roots[0].id
 
@@ -62,7 +58,7 @@ module Tfctl
                     end
                 end
             end
-            ou_recurse.call({ :root => root_ou_id })
+            ou_recurse.call(root: root_ou_id)
 
             output
         end
@@ -72,28 +68,24 @@ module Tfctl
             output = {}
             retries = 0
 
-            @aws_org_client.list_children( {
+            @aws_org_client.list_children(
                 child_type: 'ORGANIZATIONAL_UNIT',
-                parent_id: parent_id,
-            }).children.each do |child|
+                parent_id:  parent_id,
+            ).children.each do |child|
 
                 begin
-                    ou = @aws_org_client.describe_organizational_unit({
-                        organizational_unit_id: child.id
-                    }).organizational_unit
+                    ou = @aws_org_client.describe_organizational_unit(
+                        organizational_unit_id: child.id,
+                    ).organizational_unit
                 rescue Aws::Organizations::Errors::TooManyRequestsException
-                    # FIXME - use logger
+                    # FIXME: - use logger
                     puts 'AWS Organizations: too many requests.  Retrying in 5 secs.'
                     sleep 5
                     retries += 1
                     retry if retries < 10
                 end
 
-                if parent_name == :root
-                    ou_name = ou.name.to_sym
-                else
-                    ou_name = "#{parent_name}/#{ou.name}".to_sym
-                end
+                ou_name = parent_name == :root ? ou.name.to_sym : "#{parent_name}/#{ou.name}".to_sym
 
                 output[ou_name] = ou.id
             end
@@ -101,20 +93,19 @@ module Tfctl
         end
 
         def aws_assume_role(role_arn)
-          begin
-            sts = Aws::STS::Client.new()
-
-            role_credentials = Aws::AssumeRoleCredentials.new(
-              client: sts,
-              role_arn: role_arn,
-              role_session_name: 'tfctl'
-            )
-          rescue StandardError => e
-            raise Tfctl::Error.new("Error assuming role: #{role_arn}, #{e.message}")
-            exit 1
-          end
+            begin
+                sts = Aws::STS::Client.new
+
+                role_credentials = Aws::AssumeRoleCredentials.new(
+                    client:            sts,
+                    role_arn:          role_arn,
+                    role_session_name: 'tfctl',
+                )
+            rescue StandardError => e
+                raise Tfctl::Error, "Error assuming role: #{role_arn}, #{e.message}"
+            end
 
-          role_credentials
+            role_credentials
         end
 
     end

data/lib/tfctl/config.rb

@@ -18,7 +18,7 @@ module Tfctl
                 @config = read_cache(cache_file)
             else
                 @config = load_config(config_name, yaml_config, aws_org_config)
-                write_cache(@config, cache_file)
+                write_cache(cache_file)
             end
         end
 
@@ -30,15 +30,17 @@ module Tfctl
             @config.each(&block)
         end
 
-        def has_key?(k)
-            @config.has_key?(k)
+        def key?(key)
+            @config.key?(key)
         end
 
+        alias has_key? key?
+
         def to_yaml
             @config.to_yaml
         end
 
-        def to_json
+        def to_json(*_args)
             @config.to_json
         end
 
@@ -52,8 +54,9 @@ module Tfctl
             end
 
             if output.empty?
-                raise Tfctl::Error.new "Account not found with #{property_name}: #{property_value}"
+                raise Tfctl::Error, "Account not found with #{property_name}: #{property_value}"
             end
+
             output
         end
 
@@ -65,13 +68,14 @@ module Tfctl
                         output << account
                     end
                 rescue RegexpError => e
-                    raise Tfctl::Error.new "Regexp: #{e}"
+                    raise Tfctl::Error, "Regexp: #{e}"
                 end
             end
 
             if output.empty?
-                raise Tfctl::Error.new "Account not found with #{property_name} matching regex: #{expr}"
+                raise Tfctl::Error, "Account not found with #{property_name} matching regex: #{expr}"
             end
+
             output
         end
 
@@ -96,14 +100,14 @@ module Tfctl
             config
         end
 
-        def write_cache(config, cache_file)
+        def write_cache(cache_file)
             FileUtils.mkdir_p File.dirname(cache_file)
-            File.open(cache_file, 'w') {|f| f.write self.to_yaml }
+            File.open(cache_file, 'w') { |f| f.write to_yaml }
         end
 
         def read_cache(cache_file)
             unless File.exist?(cache_file)
-                raise Tfctl::Error.new("Cached configuration not found in: #{cache_file}")
+                raise Tfctl::Error, "Cached configuration not found in: #{cache_file}"
             end
 
             YAML.load_file(cache_file)
@@ -111,16 +115,13 @@ module Tfctl
 
         # Sets :excluded property on any excluded accounts
         def mark_excluded_accounts(config)
-          return config unless config.has_key?(:exclude_accounts)
-
-          config[:accounts].each_with_index do |account, idx|
-              if config[:exclude_accounts].include?(account[:name])
-                  config[:accounts][idx][:excluded] = true
-              else
-                  config[:accounts][idx][:excluded] = false
-              end
-          end
-          config
+            return config unless config.key?(:exclude_accounts)
+
+            config[:accounts].each_with_index do |account, idx|
+                config[:accounts][idx][:excluded] = config[:exclude_accounts].include?(account[:name]) ? true : false
+            end
+
+            config
         end
 
         def remove_unset_profiles(config)
@@ -158,13 +159,13 @@ module Tfctl
                 # merge all OU levels settings
                 account_ou_parents.each_with_index do |_, i|
                     account_ou = account_ou_parents[0..i].join('/').to_sym
-                    if yaml_config[:organization_units].has_key?(account_ou)
+                    if yaml_config[:organization_units].key?(account_ou)
                         account_config = account_config.deep_merge(yaml_config[:organization_units][account_ou])
                     end
                 end
 
                 # merge any account overrides
-                if yaml_config[:account_overrides].has_key?(account_name)
+                if yaml_config[:account_overrides].key?(account_name)
                     account_config = account_config.deep_merge(yaml_config[:account_overrides][account_name])
                 end
 

data/lib/tfctl/executor.rb

@@ -3,23 +3,18 @@
 require 'open3'
 require 'fileutils'
 require 'shellwords'
-require 'thread'
 require_relative 'error.rb'
 
 module Tfctl
     module Executor
-        extend self
+        module_function
 
         # Execute terraform command
         def run(account_name:, config_name:, log:, cmd: nil, argv: [], unbuffered: true)
 
             if cmd.nil?
-                if File.exists?("#{PROJECT_ROOT}/bin/terraform")
-                    # use embedded terraform binary
-                    cmd = "#{PROJECT_ROOT}/bin/terraform"
-                else
-                    cmd = 'terraform'
-                end
+                # use project terraform binary if available
+                cmd = File.exist?("#{PROJECT_ROOT}/bin/terraform") ? "#{PROJECT_ROOT}/bin/terraform" : 'terraform'
             end
 
             path       = "#{PROJECT_ROOT}/.tfctl/#{config_name}/#{account_name}"
@@ -57,14 +52,14 @@ module Tfctl
                 Thread.new do
                     stdout.each do |line|
                         semaphore.synchronize do
-                            unbuffered ? log.info("#{account_name}: #{line.chomp}") : output << [ 'info', line ]
+                            unbuffered ? log.info("#{account_name}: #{line.chomp}") : output << ['info', line]
                         end
                     end
                 end
                 Thread.new do
                     stderr.each do |line|
                         semaphore.synchronize do
-                            unbuffered ? log.error("#{account_name}: #{line.chomp}") : output << [ 'error', line ]
+                            unbuffered ? log.error("#{account_name}: #{line.chomp}") : output << ['error', line]
                         end
                     end
                 end
@@ -79,26 +74,23 @@ module Tfctl
                 FileUtils.cd cwd
                 FileUtils.rm_f plan_file if args[0] == 'apply' # tidy up the plan file
 
-                unless status.exitstatus == 0
-                    raise Tfctl::Error.new "#{cmd} failed with exit code: #{status.exitstatus}"
+                unless status.exitstatus.zero?
+                    raise Tfctl::Error, "#{cmd} failed with exit code: #{status.exitstatus}"
                 end
             end
         end
 
         # Adds plan file to `plan` and `apply` sub commands
         def plan_file_args(plan_file, subcmd)
-            output = []
-            if subcmd == 'plan'
-                output = [ "-out=#{plan_file}" ]
-
-            elsif subcmd == 'apply'
-                if File.exists?(plan_file)
-                    output = [ "#{plan_file}" ]
-                else
-                    raise Tfctl::Error.new "Plan file not found in #{plan_file}.  Run plan first."
-                end
+            return ["-out=#{plan_file}"] if subcmd == 'plan'
+
+            if subcmd == 'apply'
+                raise Tfctl::Error, "Plan file not found in #{plan_file}.  Run plan first." unless File.exist?(plan_file)
+
+                return [plan_file.to_s]
             end
-            output
+
+            return []
         end
     end
 end

data/lib/tfctl/generator.rb

@@ -2,11 +2,11 @@
 
 require 'fileutils'
 
-# Generates Terraform configuration for an account.
+# Generates top level Terraform configuration for an account.
 
 module Tfctl
     module Generator
-        extend self
+        module_function
 
         def write_json_block(path, block)
             File.open(path, 'w') do |f|
@@ -15,7 +15,6 @@ module Tfctl
         end
 
         def make(
-            terraform_io_org:,
             account_id:,
             account_name:,
             execution_role:,
@@ -32,7 +31,7 @@ module Tfctl
             terraform_block = {
                 'terraform' => {
                     'required_version' => tf_version,
-                    'backend' => {
+                    'backend'          => {
                         's3' => {
                             'bucket'         => config[:tf_state_bucket],
                             'key'            => "#{account_name}/tfstate",
@@ -40,31 +39,31 @@ module Tfctl
                             'role_arn'       => config[:tf_state_role_arn],
                             'dynamodb_table' => config[:tf_state_dynamodb_table],
                             'encrypt'        => 'true',
-                        }
-                    }
-                }
+                        },
+                    },
+                },
             }
             write_json_block("#{target_dir}/terraform.tf.json", terraform_block)
 
             provider_block = {
                 'provider' => {
-                    'aws'  => {
+                    'aws' => {
                         'version'     => aws_provider_version,
                         'region'      => region,
                         'assume_role' => {
-                            'role_arn' => "arn:aws:iam::#{account_id}:role/#{execution_role}"
-                        }
-                    }
-                }
+                            'role_arn' => "arn:aws:iam::#{account_id}:role/#{execution_role}",
+                        },
+                    },
+                },
             }
             write_json_block("#{target_dir}/provider.tf.json", provider_block)
 
             vars_block = {
                 'variable' => {
                     'config' => {
-                        'type' => 'string'
-                    }
-                }
+                        'type' => 'string',
+                    },
+                },
             }
             write_json_block("#{target_dir}/vars.tf.json", vars_block)
 
@@ -79,13 +78,13 @@ module Tfctl
                 profile_block = {
                     'module' => {
                         profile => {
-                            'source' => "../../../profiles/#{profile}",
-                            'config' => '${var.config}',
+                            'source'    => "../../../profiles/#{profile}",
+                            'config'    => '${var.config}',
                             'providers' => {
-                              'aws' => 'aws'
-                            }
-                        }
-                    }
+                                'aws' => 'aws',
+                            },
+                        },
+                    },
                 }
 
                 write_json_block("#{target_dir}/profile_#{profile}.tf.json", profile_block)

data/lib/tfctl/logger.rb

@@ -10,7 +10,7 @@ module Tfctl
 
             self.level = log_level
 
-            @outlog.formatter = proc do |severity, datetime, progname, msg|
+            @outlog.formatter = proc do |severity, _datetime, _progname, msg|
                 # "#{datetime.iso8601} #{severity.downcase}: #{msg}\n"
                 "#{severity.downcase}: #{msg}\n"
             end
@@ -24,11 +24,25 @@ module Tfctl
             @outlog.level
         end
 
-        def debug(msg); log(:debug, msg); end
-        def info(msg); log(:info, msg); end
-        def warn(msg); log(:warn, msg); end
-        def error(msg); log(:error, msg); end
-        def fatal(msg); log(:fatal, msg); end
+        def debug(msg)
+            log(:debug, msg)
+        end
+
+        def info(msg)
+            log(:info, msg)
+        end
+
+        def warn(msg)
+            log(:warn, msg)
+        end
+
+        def error(msg)
+            log(:error, msg)
+        end
+
+        def fatal(msg)
+            log(:fatal, msg)
+        end
 
         def log(level, msg)
             @outlog.send(level, msg)

data/lib/tfctl/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Tfctl
-    VERSION = '0.0.2'
+    VERSION = '0.1.0'
 end

data/tfctl.gemspec

@@ -1,29 +1,34 @@
 # frozen_string_literal: true
-$LOAD_PATH << File.expand_path("../lib", __FILE__)
+
+$LOAD_PATH << File.expand_path('lib', __dir__)
 require 'tfctl/version'
 
 Gem::Specification.new do |spec|
     spec.name          = 'tfctl'
     spec.version       = Tfctl::VERSION
     spec.authors       = [
-        'Andrew Wasilczuk'
+        'Andrew Wasilczuk',
     ]
     spec.email         = [
-        'akw@scalefactory.com'
+        'akw@scalefactory.com',
     ]
     spec.summary       = 'Terraform wrapper for managing multi-account AWS infrastructures'
     spec.homepage      = 'https://github.com/scalefactory/tfctl'
-    spec.license       = "MIT"
-    spec.files         = `git ls-files -z`.split("\x0").reject { |f|
+    spec.license       = 'MIT'
+    spec.files         = `git ls-files -z`.split("\x0").reject do |f|
         f.match(%r{^(test|spec|features)/})
-    }
-    spec.bindir        = "bin"
+    end
+    spec.bindir        = 'bin'
     spec.executables   = spec.files.grep(%r{^bin/tfctl}) { |f| File.basename(f) }
     spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-    spec.require_paths = ["lib"]
+    spec.require_paths = ['lib']
 
+    # Think when adding new dependencies.  Is it really necessary?
+    # "The things you own end up owning you" etc.
     spec.add_dependency 'aws-sdk-organizations', '~> 1.13'
     spec.add_dependency 'parallel',              '~> 1.17'
+    spec.add_dependency 'terminal-table',        '~> 1.8'
 
     spec.add_development_dependency 'rspec', '~> 3.8'
+    spec.add_development_dependency 'rubocop', '~> 0.76'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tfctl
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.1.0
 platform: ruby
 authors:
 - Andrew Wasilczuk
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-08 00:00:00.000000000 Z
+date: 2019-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-organizations
@@ -38,6 +38,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.17'
+- !ruby/object:Gem::Dependency
+  name: terminal-table
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -52,6 +66,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.76'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.76'
 description: 
 email:
 - akw@scalefactory.com
@@ -62,6 +90,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
 - ".travis.yml"
 - CHANGELOG.adoc
 - Gemfile
@@ -112,7 +141,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubyforge_project: 
+rubygems_version: 2.7.7
 signing_key: 
 specification_version: 4
 summary: Terraform wrapper for managing multi-account AWS infrastructures